If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Survey: Spam costs companies $22bn yearly

SourceStudy: Spam costing companies $22 billion a year
Thursday, February 3, 2005 Posted: 11:13 AM EST (1613 GMT)
NEW YORK (AP) -- Time wasted deleting junk e-mail costs American businesses nearly $22 billion a year, according to a new study from the University of Maryland.

A telephone-based survey of adults who use the Internet found that more than three-quarters receive spam daily. The average spam messages per day is 18.5 and the average time spent per day deleting them is 2.8 minutes.

The loss in productivity is equivalent to $21.6 billion per year at average U.S. wages, according to the National Technology Readiness Survey produced by Rockbridge Associates, Inc., and the Center for Excellence in Service at Maryland's business school.

The study also found that 14 percent of spam recipients actually read messages to see what they say, and 4 percent of the recipients have bought something advertised through spam within the past year.

The random survey of 1,000 U.S. adults was conducted in November and has a margin of sampling error of plus or minus 3 percentage points.

It's nice that they've provided these averaged numbers, but I don't feel it's a fair evaluation of the state of the Internet. Is this *solely* business email? I don't waste anytime at all. My client and my consulting company provide severe, robust spam filtering on our accounts. I don't see *jack* for spam. However, my personal accounts...I've given up on ISP pop mail. I use a few different free mail services that use web interface and allow POP (among other) means.

"Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --SpafAnyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
"...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

Yep... Spam costs me a lot in time at work.... Mostly time spent by a staffmember vetting the trapped spam for valid mail.... But it's more the nature of our business and our clients that generate a situation where "robust" filtering is not really possible....

I have some interesting observations, (well, i think they are interesting.... ), regarding my spam filtering and the effects of my 'tweaking". Firstly I use GFI Mail Essentials on my Mail Sentry which is my "catchall" receiving mail server in the DMZ that then forwards it to the appropriate internal mail servers. Then I use some of the features of tha Watchguard to help....

I started out just using the GFI with much of the keyword stuff removed because they catch too much legitimate mail. Some 50% of all mail was spam.... The GFI upgraded and introduced their Bayesian filter. Unfortunately, outbound mail doesn't go through this server so I can't turn on the "learn from outgoing" feature and have to rely on the downloaded bayesian databases. Then the amount of spam in my inbox noticably declined and the percentage caught went up to 60%... nice... Bayesian filtering works. Then I started swiching the RBL's to see what effect it has..... The number in the keyword and the bayesian dropped fairly significantly in relation to the RBL's blocking more and more, (depending upon which two I chose to implement - Lesson: try different RBL's - some are better than others and an RBL check is less intensive on server resources than the other trapping methods).... This didn't alter the amount of spam just the way it affected the server, it remained in the 60% region.....

Then I decided to implement SPF, (Sender Policy Framework) and GFI 10 Beta allows SPF checking..... SPF checking is even better for the server in terms of resources since it is a simple DNS check..... Again, individual figures altered but the total, 60%, remained about the same.

In the process of checking the spam blocked by the SPF filter I noticed a couple of things and realized that tweaking GFI was all very well but my bandwidth was still being eaten by having to receive the whole email..... Even those nice big attachments before the filters kicked in.... the teo things I noticed were:-

1. There's a lot of spammers out there that use a similar address pattern for every email.... My special favorite is one that rotates the domain several times a day but the sender is always minfo@&lt;rotating_domain&gt;... This dumbass then changed his pattern to binfo@&lt;rotating_domain&gt; .... Well, that was a no brainer.... and it dropped the GFI stats to around 55%

2. This is something I think a lot of us miss and some credit needs to go to my spam-filtering employee.... We all have those (L)users that sign up for every last piece of crap the internet has to offer and then.... they up and leave.... Unfortunately, as they avoid the door hitting them in the ass they conveniently forget to inform all those lovely spammer that they are leaving.... Result.... 9.4 million spams per day come to Luserthatleft@yourdomain.com.

In comes the Watchguard... It kills the mail flow at the point of the MAIL FROM or the RCPT TO point by sending a basically BS error to the sending server that basically says, IIRC, "Chunk too large or user does not exist".... Good one I know but it kills the mail transaction and saves my bandwidth.

The SMTP proxy allows you to allow/deny from and allow/deny from.... Oooh....

If you deny mail from any pattern minfo@* or binfo@* you notice a significant drop in the amount of spam GFI stops.... 5% or more... Yours may be different but look for the patterns if you can filter at your firewall... look for them....

The real biggie is the deny to the lusersthatleft@yourdomain.com on the firewall.... This had a huge effect.... In the last month blocking those inbound RCPT TO's has dropped GFI's blocked stuff from the 55% range into the mid fourty's....

I like that... I've saved 20-33% of the bandwidth I wasted on receiving crap no-one wants..... I'm happy with that......

Don\'t SYN us.... We\'ll SYN you..... \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

SPAM

I really got astonshed from the numbers, zonecoder. And I think that the stream of SPAMMING would go up unless we have most internet useres educated to deal with such emails.
I think that global entities like ISOC must embark a coherent globalwide campaign against SPAM.

As much as I would love to agree and say spam is a problem I have to play the Devil's advocate too. Spam and Viruses and Spyware keeps a paycheck coming to my house. Do I hate the stuff, YES. Does it provide a pretty steady income for me.... YES. After expense and modification is it possible to fix/ prevent most of it. Kinda. Unfortunately it relies on the other users behind a network and not just you and I. If everyone here on AO worked at the same company I am willing to be we would have FAR less problems than if we take our typical users.

One thing that is great to explain to some of your users is to setup a dummy free account and anytime they sign up for something to use that dummy account. At least this way they wont get as much spam. I know I personally have 2 hotmail accts, 2 business accts. 1 gmail for large transfers. This way I have 2 junk emails and 3 normal. I get about 10 junk emails a day at my normal hotmail acct and they are almost all delivered to the junk box, I take a quick peek and empty it. takes me 10 secs. On this same note... I dont have to worry about a wide open box that takes in spam either so thats something I dont have to mess with.